Kanev Cab Fare Calculator vulnerabilities
2 known vulnerabilities affecting kanev/cab_fare_calculator.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-1391P1CRITICALCVSS 9.8ExploitedPoCfixed in 1.0.42022-04-25
CVE-2022-1391 [CRITICAL] CWE-22 CVE-2022-1391: The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter bef
The Cab fare calculator WordPress plugin before 1.0.4 does not validate the controller parameter before using it in require statements, which could lead to Local File Inclusion issues.
nvd
CVE-2022-3556P4MEDIUMCVSS 4.8≤ 1.1.62024-09-05
CVE-2022-3556 [MEDIUM] CWE-79 CVE-2022-3556: The Cab fare calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ve
The Cab fare calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the vehicle title setting in versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will e
nvd